By default, unauthenticated users are not allowed to upload resources to the server through the Upload component on UI or by accessing directly the "/upload" handler, because this may cause some problems of server disk space. However, you can definitely configure the UploadHandler to allow this.

To change this restriction, edit the exo.portal.uploadhandler.public-restriction property in the exo.properties file as follows:

exo.portal.uploadhandler.public-restriction=false